package com.tallysystem.servlet;

import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

@WebServlet("/dologin2Serlvet")
public class Login2Servlet extends HttpServlet {
	private static final long serialVersionUID = 1L;

	@Override
	public void init() throws ServletException {
	}

	@Override
	protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		super.service(req, resp);

	}

	@Override
	public void destroy() {
}

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		super.doPost(req, resp);
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		HttpSession session = request.getSession();
		Integer number = Integer.parseInt(request.getParameter("number"));
		String password = request.getParameter("password");
//		String remember = request.getParameter("remember");
		String checkcode01 = request.getParameter("checkcode");
		String checkcode02 = (String) session.getAttribute("checkcode02");
		session.removeAttribute("checkcode02");
		// 调用接口
//		UserDao userDao = new UserDaoImpl();
//		User user = userDao.getNumberAndPassword(num,pwd);

		try {
			Class.forName("com.mysql.cj.jdbc.Driver");
			String url = "jdbc:mysql://localhost:3306/ch04_students?useUnicode=true&characterEncoding=utf-8";
			// 2. 建立连接
			Connection con = DriverManager.getConnection(url, "root", "123456");
			String sql = "select * from user where number =? and password =? ";
			// 3. 创建Statement
			PreparedStatement stm = con.prepareStatement(sql);
			stm.setInt(1, number);
			stm.setString(2, password);
			// 4. 执行SQL语句
			ResultSet res = stm.executeQuery();
			// 5. 处理结果
			Integer num = null;
			String pwd = null;
			while (res.next()) {
				String name = res.getString("username");
				num = res.getInt("number");
				pwd = res.getString("password");
//				System.out.println("name = " + name);
				// 将name的值放到session中
				request.getSession().setAttribute("username", name);
				break;
			}
			System.out.println("num = " + num);
			System.out.println("pwd = " + pwd);
			// 6. 释放资源
			res.close();
			stm.close();
			con.close();

			// 判断用户名与密码是否正确
			if ((num != null) && (pwd != null && !pwd.equals(""))
					&& checkcode01.equals(checkcode02)) {

				// 将number的值放到session中
				request.getSession().setAttribute("number", num);
				response.sendRedirect("userListServlet");
			} else {
				if (!checkcode01.equals(checkcode02)) {
					response.sendRedirect("login2.jsp");
					request.getSession().setAttribute("error02", "验证码错误");

				} else {
					response.sendRedirect("login2.jsp");
					request.getSession().setAttribute("error01", "学号或密码错误");
				}

			}
		} catch (ClassNotFoundException | SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}

	}

}
